Menu
What's new
By:
Filters Better Search

Weird website issue - seem to be something with the router..

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Pierino said:
Try with dd-wrt on it just for kicks.
Click to expand...
I found a version of DD-WRT for the Ac-1900P and it fixed the issue. I still prefer running Merlin, maybe at this point a flash back will fix the issue. Unless there are any other ideas to try and address the issue. Seems pretty obvious something got corrupted - doesn't seem like it was a hardware issue.
 
ex313 said:
If I browse to this website:
http://heroesforhire.us

I get a page off this website:
https://www.spiceoflifepharmacy.com

1. It only happens on devices connected to the router.
2. It happens on two different PC, all browsers and my android mobile
3. If I engage the VPN on the PC or switch to Verizion data - I get the correct website.
4. If I bypass the router and connect directly to Spectrum - I get the correct site.
5. I have tried a power reset, changing DNS servers - nothing changes it.
6. Cleared browser data, Windows DNS Cache - no effect.
7. If I navigate to any subpage the correct site comes up. (ex: http://heroesforhire.us/?page_id=17)

I am running an AC-1900P on 384.13. Did a full reset on the last firmware update, is there something I am missing?? Some routing table setting or cache that I have failed to clear?

Thanks !
Click to expand...

Is that a refurbished or used 1900P?
 
dave14305 said:
So did this not change the outcome, or did you also switch to ddwrt during that 20 mins?
Click to expand...
The WAN IP didn't change when I swapped out the AC-1900P with the WRT-54. So by that I would conclude that the webserver was doing what it should and not giving our WAN IP weird content.
 
DD-WRT wasn't running the best on this router. 2G throughput was sketchy and clients had trouble accessing via 5G. reloaded 384.13 via rescue mode and the router is back to giving me erroneous sites.
Looks like its time to replace the router.
 
ex313 said:
DD-WRT wasn't running the best on this router. 2G throughput was sketchy and clients had trouble accessing via 5G. reloaded 384.13 via rescue mode and the router is back to giving me erroneous sites.
Looks like its time to replace the router.
Click to expand...
Do you see this with other URLs besides the one in this thread?
 
dave14305 said:
Do you see this with other URLs besides the one in this thread?
Click to expand...
This is the only one I have discovered.
I have seem a few other anomalies with this unit such as wifi dropouts, slow site/dns resolves. Was not enough to worry about it, but this seems a little weird.
 
I did some more messing around with the router this morning.
I set up my PIA VPN on the router, and going through the VPN the result is still the same - which pretty much rules out any webserver/ISP issues - its solely focused on the router.
 
ex313 said:
I did some more messing around with the router this morning.
I set up my PIA VPN on the router, and going through the VPN the result is still the same - which pretty much rules out any webserver/ISP issues - its solely focused on the router.
Click to expand...
If you ssh to the router, and run these commands, see if anything looks unusual/unexpected. Post the results if you are comfortable doing so. Looking for rogue web processes or dns processes, or iptables rules, unexpected partitions, etc.
Code: 
netstat -nltup
iptables -t nat -S
cat /etc/dnsmasq.conf
cat /tmp/resolv.dnsmasq
df
 
dave14305 said:
If you ssh to the router, and run these commands, see if anything looks unusual/unexpected. Post the results if you are comfortable doing so. Looking for rogue web processes or dns processes, or iptables rules, unexpected partitions, etc.
Code: 
netstat -nltup
iptables -t nat -S
cat /etc/dnsmasq.conf
cat /tmp/resolv.dnsmasq
df
Click to expand...

See attached txt files.
 

Attachments

  • netstat.txt
    3.6 KB · Views: 247
  • dnsmasq.txt
    500 bytes · Views: 206
  • dns.txt
    40 bytes · Views: 189
  • df.txt
    314 bytes · Views: 193
ex313 said:
See attached txt files.
Click to expand...
Nothing looks out of the ordinary. I might disable WPS under WiFi. Are you aware of those port forwards for 3074 and 3075? Just want to make sure they're intentional. You can probably delete the iptable.txt attachment since it includes your WAN IP and you don't need anymore problems. :)
I don't have a mastiff process on my router, but it's apparently part of the firmware. Do you use any IFTTT or AsusCloud?
 
Last edited:
How about running this on the router and seeing if the HTML looks like it's from the correct site or not?
Code: 
curl -v http://heroesforhire.us/ | more
or save it to a file:
Code: 
/tmp/home/root# curl http://heroesforhire.us/ -o hero.htm
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  665k    0  665k    0     0  65333      0 --:--:--  0:00:10 --:--:--  161k
/tmp/home/root# ll
-rw-rw-rw-    1 admin root        681885 Oct 26 15:00 hero.htm
 
Last edited:
dave14305 said:
How about running this on the router and seeing if the HTML looks like it's from the correct site or not?
Code: 
curl -v http://heroesforhire.us/ | more
or save it to a file:
Code: 
/tmp/home/root# curl http://heroesforhire.us/ -o hero.htm
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  665k    0  665k    0     0  65333      0 --:--:--  0:00:10 --:--:--  161k
/tmp/home/root# ll
-rw-rw-rw-    1 admin root        681885 Oct 26 15:00 hero.htm
Click to expand...
Its returning code that looks very similar to the pharmacy site - nothing like what is supposed to be on the heroesforhire page. Basically mirroring what the browser is doing.
 
You must log in or register to reply here.

Similar threads

M
Cannot connect to a website
Replies
5
Views
648
morden
M
S
One website cannot be accessed when VPN is on
Replies
7
Views
502
sfx2000
sfx2000
thegios
Cannot access a website from pc and Android (Chrome) and cannot login to Android app of the website
2
Replies
24
Views
574
thegios
thegios
url004
NXDOMAIN on server but the router can resolve queries
Replies
1
Views
465
url004
url004
A
Another weird AX86U issue - but not Malware? - Solved
Replies
5
Views
429
bbunge
bbunge
Similar threads
Thread starter Title Forum Replies Date
Cr00zng Weird DNS issue.... Asuswrt-Merlin 4
C Weird client VPN problem that just started ! Asuswrt-Merlin 53
E Weird connection drops on 5ghz Wifi GT-AX11000 Asuswrt-Merlin 3
visortgw asuswrt-merlin.net Website Site Down? Asuswrt-Merlin 18
M Cannot connect to a website Asuswrt-Merlin 5
Run5k Solved ASUS RT-AC68U router can't reach specific website - known issue? Asuswrt-Merlin 6
C "Disassociated because sending station is leaving (or has left)" - Roaming issue? Asuswrt-Merlin 3
A Portforwarding issue Asuswrt-Merlin 13
Preskitt.man DNS Issue?? AX5800 Pro Issue?? Asuswrt-Merlin 2
T 5G Frequency issue on RT-AX86U after update 3004.388.8_2 Asuswrt-Merlin 2

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 632 (members: 25, guests: 607)
Top